Questionning some parts of the configuration

Thu, 11 Jun 2009 10:10:37 -0700 

Hi guys,
as I'm trying to figure out a DiT based configuration for ADS, I'm now questioning some choice that have been made long ago. I think we can simplify the configuration a bit. 

Let's start with some preliminary comments.


- the base for all the storage is a DirectoryService. This is the heart 
of our system.
- we have built a lot of servers on top of it, like Kerberos, DHCP, DNS, 
ChangePW and LDAP. Those servers rely on the DirectoryService
- we have one unique server, NTP, which is standalone - ie, it does not 
need any DirectoryService -.
- the Ldap server is a bit special, as it is not named LdapServer, as we 
would expect when we have a look at the other servers, but ApacheDS, and 
it points to 2 LdapService (which in turn associate a DirectoryService 
with a transport)
- a Transport is a protocol layer defining the host, port, protocol and 
some other network related parameters. Each server has at least one 
transport.


Ok, so far, we are lost now :)

I would suggest we clean up a bit all of this.


1) ApacheDS is a condensed name for ApacheDirectoryServer. It's a 
server. we will keep the two services (Ldap and Ldaps), even if we 
should treat them as transport, not service.
2) All the other servers (NTP, DHCP, Kerberos, DNS) are a combinaison of 
one or more transport and an optional DirectoryService, if needed.
3) We will define only one DirectoryService for LDAP. We may want 2 
DirectoryServices, one for LDAP and another one for LDAPS. But this is 
not what we have in ApacheDS atm (looking at the code, the 
DirectoryService is define 3 times : in ApacheDS and in both LdapService).
4) The consequence is that some flags like AllowAnonymousAccess is now 
useless in ApacheDS, as it's already present in the LdapService instances.
5) The SyncOnWrite flag is define in a Service class, instanciated in 
ApacheDS. That's most certainly not what we want, as it defines a worker 
thread in charge of calling directoryService.synch() periodically. This 
thread is specific to ApacheDS, and won't be available to someone who 
want to use a DirectoryService as a server backend. I suggest we move 
the Worker to DirectoryService.



That's pretty much it. Just tell me if you agree, or disagree, before I 
commit anything.


Thanks !

--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
























					Reply via email to